FBI Director James Comey Discusses Cybersecurity at BC Conference

The Director of the Federal Bureau of Investigation, James Comey, spoke at Boston College on March 8 along with numerous other technology and cybersecurity experts.

The event, which was part of the Boston Conference on Cyber Security, was the result of a collaboration between the Federal Bureau of Investigation and the Cybersecurity Policy & Governance master’s degree program at the Woods College of Advancing Studies. This year’s conference follows a similar event in May 2016, where cybersecurity experts from the Department of Homeland Security and the FBI convened at BC to simulate a cyberattack and to assess the challenge of responding to breaches in security.

Comey discussed the cybersecurity landscape whilst providing information on the current efforts of the Bureau in eliminating cyber threats.

His remarks also identified some of the problems that made responding to these threats difficult. Comey asserted, for one, that cyber threats are “too fast, too big, and too widespread for any of us to address them alone,” according to an FBI news release.

Director Comey presented to the audience the Bureau’s current strategies in effective cyber security, which include sanctioning and penalizing cyber criminals, investing in the equipment and training of state and local partners to increase their efficiency, and improving collaboration with the private sector, which often experiences its own cyber intrusions.

While commenting on the increasing security breaches on both state and local levels, Director Comey said that the proliferating practice of encrypting devices is complicating the process of investigating these crimes.

“There is a nearly universal consensus from technologists that it’s impossible to build weaknesses or access mechanisms in technology that can only be used by the good guys and not by the bad,” he said, according to Consumer Reports.

Since there is no benchmark that clearly defines the nature and parameters of a cybersecurity incident, many organizations in the public and private sectors alike have adopted unique practices to curtail and eliminate serious threats.

To that end, Comey added that many of the encrypted devices recovered by the FBI from Oct. to Dec. 2016 were not easily opened with FBI techniques, muddling the cyber threat detection process. This persistent problem caused Comey to call for the renewal of the national conversation on privacy, technology, and the federal government’s role in preventing widespread breaches in security.

Comey’s address was followed by panel discussions from cyber security experts from the FBI, Department of Homeland Security, IBM Security, National Grid, and the U.S. Department of Defense, among others.

The panel discussions, much like Director Comey’s remarks, sought to reaffirm the importance of strong connections in the private sector while touching upon best practices in cybersecurity and the logistics of the effective enforcement and operation thereof. They also echoed one of the central themes of Comey’s address: that the cyber attacks on the local, state, and national levels as of late have exacerbated security concerns, and that the union of the public and private sector is the best remedy for future threats.